IBM today released its annual Cost of Data Breach Report, revealing that the average global cost of a data breach has reached $4.88 million by 2024. This increase reflects the growing complexity and disruption of these breaches, which are increasing the pressure on security teams.

The increase in costs is mainly due to the loss of business and the expenses associated with responding to customers and third parties. The collateral damage of data breaches has intensified, prolonging the aftermath of these incidents. In fact, only 12% of companies manage to fully recover in more than 100 days.

Kevin Skapinetz, vice president of Product Strategy and Design at IBM Security, commented: “Enterprises are trapped in a continuous cycle of breaches, containment and response to the consequences. This cycle now includes investments in strengthening security defenses and shifting the costs of breaches to consumers, making security the new cost of doing business. With the rapid integration of generative AI into the enterprise, these expenses will soon become unsustainable, forcing companies to reevaluate their security measures and response strategies.”

Key findings from the Cost of Data Breach 2024 report:

  • Shortage of security personnel: More organizations faced severe staffing shortages (up 26%) and saw an average cost of $1.76 million higher in breaches compared to those with sufficient or trained security staff.
  • AI-powered prevention:Two in three organizations are implementing AI and security automation in their security operations centers (SOCs). Those that used these technologies extensively in their prevention workflows incurred an average of $2.2 million less in breach costs.
  • Data visibility gaps: 40% of breaches involved data across multiple environments, including public and private cloud, as well as on-premises facilities. These breaches cost more than $5 million on average and took the longest time to identify and contain (283 days).

ANDIntellectual property theft skyrocketed, with more than a third of breaches involving shadow data. However, the use of AI and automation reduced the cost of data breaches by $1.88 million

Impact of security personnel shortage

More than half of organizations studied faced severe staffing shortages last year, resulting in significantly higher costs ($5.74 million for high levels of shortages versus $3.98 million for low or no shortages). This challenge coincides with the adoption of generative AI technologies, which are expected to introduce new risks for security teams. According to a global study by the IBM Institute for Business Value, 51% of business leaders are concerned about unpredictable risks and new security vulnerabilities emerging, while 47% fear new attacks targeting AI.

Hacking time with AI

The report also reveals that 67% of organizations have implemented AI and security automation, an increase of nearly 10% from the previous year, and 20% are using generative AI security tools. These technologies have enabled incidents to be detected and contained on average 98 days faster than organizations not using them. Additionally, the global data breach lifecycle hit an all-time low of 258 days, up from 277 days the previous year.

Other key findings of the report

  • Stolen Credentials: They topped the initial attack vectors with 16%, being the most common method and the one that took the longest to identify and contain.
  • Rescues and law enforcement: Involving law enforcement helped ransomware victims save nearly $1 million in breach costs.
  • Critical infrastructures:Organizations in healthcare, finance, industrial, technology and energy sectors faced the highest breach costs, with the healthcare sector recording the most costly breaches for the 14th consecutive year.
  • Costs for consumers: 63% of organizations plan to increase the cost of their goods or services due to data breaches, a slight increase from the previous year (57%), marking the third consecutive year that a majority of organizations have taken this action.
Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.